Applications developed for JOnAS 3.1 do not require changes; however, they should be redeployed (GenIC). The migration affects only certain customized configuration files and build.xml files.
The main changes are in the area of communication protocols support, due to the integration of CAROL. This implies the following configuration changes:
The jndi.properties file is replaced by a carol.properties file (in JONAS_BASE/conf or JONAS_ROOT/conf) and is no longer searched for within the classpath.
The OBJECTWEB_ORB environment variable no longer exists.
Security context propagation is specified in the jonas.properties file, which replaces the
-secpropag |
secpropag |
EJBs can be deployed for several protocols, which is specified by the new option
-protocols |
protocols |
The ${OBJECTWEB_ORB}_jonas.jar files, that is, RMI_jonas.jar or JEREMIE_jonas.jar, no longer exist; there is only one jonas.jar file.
The previous items involve changes in application build.xml files.
Refer to Section 3.3 Configuring the Communication Protocol and JNDI for details about Communication Protocols configuration.
Other configuration changes are due to security enhancements:
The files tomcat-users.xml jonas-users.properties, and jettyRealm.properties, are suppressed and replaced by a jonas-realm.xml file. This file contains the list of users/password/roles for the Memory realm, as well as the access configuration for database and LDAP realms. Realms declared in this file have corresponding resources bound in the registry, and MBeans to be managed.
The security service should be launched after the dbm service (order in the jonas.services property).
A new realm with a reference to the JOnAS resource specified in the jonas-realm.xml file is used in the server.xml file (Tomcat) or in the web-jetty.xml file (Jetty).
The jonas.properties file contains a new line specifying the jndi name of a resource (ejbrealm) that provides Java access to the user identification repository (memory, ldap, or database) of the corresponding realm (specified in the jonas-realm.xml file). This is primarily used by Java clients that intend to build their SecurityContext.
Refer to Section 3.5.8 Configuring the Security Service for details about Security configuration.
The preferred steps for migrating from JOnAS 3.1 are the following:
Create a new JOnAS_BASE (for example, through the ANT create_jonasbase target).
Copy the new as well as any customized files from the old JONAS_BASE to the new one, conforming to the new configuration rules (jndi.properties replaced by carol.properties, security context propagation and realm specified in jonas.properties, new realm specification in server.xml, changes in your build.xml files, content of tomcat-users.xml or jonas-users.properties or jettyRealm.properties should migrate into jonas-realm.xml).
Details for migrating a configuration are provided in the following sections.
Modify this file according to the content of the old jndi.properties file. If the OBJECTWEB_ORB was RMI, set carol.protocols to jrmp if the OBJECTWEB_ORB was JEREMIE, set carol.protocols to jeremie. Then, configure the URL with host name and port number. Example:
carol.protocols=jrmp carol.jrmp.url=rmi://localhost:1099 |
If EJB security was used, the security context propagation should be activated. A realm resource can be chosen to be accessed from Java; this is now specified in the jonas.properties file:
jonas.security.propagation true jonas.service.security.ejbrealm memrlm_1 jonas.services registry,jmx,jtm,dbm,security,jms,ejb,web,ear |
Choose the memory, database, or ldap realm resource for Tomcat authentication.
<Realm className="org.objectweb.jonas.security.realm.JRealmCatalina41" debug="99" resourceName="memrlm_1"/> |
This file is located in the WEB-INF directory of a WAR file and contains a reference to the JOnAS Realm to be used for authentication.
<Call name="setRealmName"> <Arg>Example Basic Authentication Area</Arg> </Call> <Call name="setRealm"> <Arg> <New class="org.objectweb.jonas.security.realm.JRealmJetty42"> <Arg>Example Basic Authentication Area</Arg> <Arg>memrlm_1</Arg> </New> </Arg> </Call> |
For existing scripts that call GenIC for deploying EJBs, the -secpropag option no longer exists (security propagation is activated from the jonas.properties file as illustrated previously), and a new option -protocols specifies a comma-separated list of protocols (chosen within jeremie, jrmp, iiop, cmi) for which stubs will be generated. The default value is jrmp,jeremie.
GenIC -protocols jrmp,jeremie,iiop |
Refer to the following for the deployment ANT task.
The build.xml files for building JOnAS examples have been upgraded according to the new configuration scheme. Existing build.xml files must be updated the same way:
<property name="orb" value="${myenv.OBJECTWEB_ORB}" /> is no longer used and must be suppressed.
In the target building the classpath, replace ${orb}_jonas.jar by jonas.jar.
In the jonas deployment task, suppress the attributes orb="${orb}" secpropag="yes," and add the attribute protocols="${protocols.names}." The build.properties file of the JOnAS examples now contains protocols.names=jrmp,jeremie.